From e804d9d75679a4011bcb8a4cca11d5cc99f05a6d Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Tue, 14 Oct 2025 09:03:32 +0000 Subject: [PATCH 1/6] test workflow --- .github/workflows/automated_approval_test.yml | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/automated_approval_test.yml diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml new file mode 100644 index 000000000..9713f99a0 --- /dev/null +++ b/.github/workflows/automated_approval_test.yml @@ -0,0 +1,39 @@ +name: Auto approve PRs by Tagging Bot + +on: + pull_request: + types: [opened, synchronize, labeled] # ← Fixed: Added 'labeled' + +jobs: + auto-approve: + runs-on: ubuntu-latest + permissions: + pull-requests: write + contents: read + + steps: + - name: Generate GitHub App Token + id: generate-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ secrets.DECO_SDK_TAGGING_APP_ID }} + private-key: ${{ secrets.DECO_SDK_TAGGING_PRIVATE_KEY }} + + # Optional: Debug step to see who the author is + - name: Debug PR Info + run: | + echo "PR Number: ${{ github.event.pull_request.number }}" + echo "PR Author: ${{ github.event.pull_request.user.login }}" + echo "PR Labels: ${{ toJson(github.event.pull_request.labels.*.name) }}" + echo "Trigger Event: ${{ github.event.action }}" + + - name: Approve PR based on conditions + if: | + github.event.pull_request.user.login == 'deco-sdk-tagging[bot]' || + contains(github.event.pull_request.labels.*.name, 'zzz:automated-update') + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + gh pr review ${{ github.event.pull_request.number }} \ + --approve \ + --body "Auto-approved by Databricks SDK Release Bot" \ No newline at end of file From 0e1176d0e77f43cf25de12f4c3439432c4931942 Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Tue, 14 Oct 2025 09:31:40 +0000 Subject: [PATCH 2/6] added environment --- .github/workflows/automated_approval_test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml index 9713f99a0..c6af22633 100644 --- a/.github/workflows/automated_approval_test.yml +++ b/.github/workflows/automated_approval_test.yml @@ -7,6 +7,7 @@ on: jobs: auto-approve: runs-on: ubuntu-latest + environment: "release-is" # Required to access GitHub App secrets permissions: pull-requests: write contents: read From 582ade4f438c2ef27961f6c299bd703da1424759 Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Tue, 14 Oct 2025 09:34:41 +0000 Subject: [PATCH 3/6] used deco runner --- .github/workflows/automated_approval_test.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml index c6af22633..520476162 100644 --- a/.github/workflows/automated_approval_test.yml +++ b/.github/workflows/automated_approval_test.yml @@ -6,7 +6,9 @@ on: jobs: auto-approve: - runs-on: ubuntu-latest + runs-on: + group: databricks-deco-testing-runner-group + labels: ubuntu-latest-deco environment: "release-is" # Required to access GitHub App secrets permissions: pull-requests: write From 5fda3677f421b154c9bdc717492f1d33f2818e56 Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Tue, 14 Oct 2025 09:37:58 +0000 Subject: [PATCH 4/6] added repo --- .github/workflows/automated_approval_test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml index 520476162..c5251c8b3 100644 --- a/.github/workflows/automated_approval_test.yml +++ b/.github/workflows/automated_approval_test.yml @@ -38,5 +38,6 @@ jobs: GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh pr review ${{ github.event.pull_request.number }} \ + --repo ${{ github.repository }} \ --approve \ --body "Auto-approved by Databricks SDK Release Bot" \ No newline at end of file From c513393efc0f8061ad28516b43ef3933a9c6cbf7 Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Wed, 5 Nov 2025 12:33:53 +0000 Subject: [PATCH 5/6] added permissions --- .github/workflows/automated_approval_test.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml index c5251c8b3..5cf76b285 100644 --- a/.github/workflows/automated_approval_test.yml +++ b/.github/workflows/automated_approval_test.yml @@ -4,6 +4,12 @@ on: pull_request: types: [opened, synchronize, labeled] # ← Fixed: Added 'labeled' +# add permission to read contents +permissions: + contents: write + pull-requests: write + issues: write + jobs: auto-approve: runs-on: From ab198f902e1535c97297057062c4b67f42781b0b Mon Sep 17 00:00:00 2001 From: Divyansh Vijayvergia Date: Wed, 5 Nov 2025 12:35:40 +0000 Subject: [PATCH 6/6] using default token --- .github/workflows/automated_approval_test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml index 5cf76b285..29b034d9b 100644 --- a/.github/workflows/automated_approval_test.yml +++ b/.github/workflows/automated_approval_test.yml @@ -41,7 +41,7 @@ jobs: github.event.pull_request.user.login == 'deco-sdk-tagging[bot]' || contains(github.event.pull_request.labels.*.name, 'zzz:automated-update') env: - GH_TOKEN: ${{ steps.generate-token.outputs.token }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr review ${{ github.event.pull_request.number }} \ --repo ${{ github.repository }} \